p2pnet.net News:- Cisco admits there’s a DNS protocol security hole which opens some VoIP phones to a DoS (Denial of Service) attack, “after receiving and processing a specially crafted DNS packet”.

Products affected include:

Cisco IP Phones 7902/7905/7912
Cisco ATA (Analog Telephone Adaptor) 186/188
Cisco Unity Express
Cisco ACNS (Application and Content Networking System) devices, including:
Cisco 500 Series Content Engines
Cisco 7300 Series Content Engines
Cisco Content Routers 4400 series
Cisco Content Distribution Manager 4600 series
Cisco Content Engine Module for Cisco 2600, 2800, 3600, 3700, and 3800 series Integrated Service Routers

Cisco is offering free software to manage the flaw and promises, "No Cisco products performing DNS server functions, or DNS packet inspection, are currently known to be affected by this vulnerability.

"Only the DNS clients listed in the Affected Products section are currently known to be affected."

Something you think we should know? tips[at]p2pnet.net

See:-
Cisco -Cisco Security Notice:Crafted DNS Packet Can Cause Denial Of Service, May 24, 2005

This entry was posted on Thursday, May 26th, 2005 at 5:58 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

HOME

Viewed 2687 times